You're reading from Microsoft Operations Management Suite Cookbook

Product typeBook

Published inApr 2018

PublisherPackt

ISBN-139781786469090

Edition1st Edition

Tools

Operations Management Suite

Concepts

Operations Management

Author (1)

Chiyo Odika

Connecting sources without internet access to OMS

If you implement security policies that restrict computers in your corporate network (corpnet) from connecting to the internet, OMS has an HTTP forward proxy feature called the OMS Gateway that will enable you to still connect computers in your corpnet to OMS.

While the computers in your corpnet will have no connectivity to the internet, the OMS Gateway must have access to the internet, or be connected to a proxy server that does, so as to be able to forward data to the OMS service endpoints. The OMS Gateway supports HTTP tunneling using the HTTP CONNECT command. It collects data on behalf of the OMS agents deployed to the computers in your corpnet, and sends the data to OMS.

The following information will help you understand how to connect sources to OMS that have no connectivity to the internet.

Getting ready

At this time, the OMS Gateway supports the following connected sources scenarios:

Windows computers directly connected to an OMS workspace with the MMA
Linux computers directly connected to an OMS workspace with the OMS agent for Linux
SCOM agent-managed computers reporting to a management group that is integrated with OMS. The following SCOM versions are supported:
- SCOM 2016
- SCOM 2012 R2 with update rollup 3
- SCOM 2012 SP1 with update rollup 7
Azure Automation Hybrid Runbook Workers

The OMS Gateway feature can also be made highly available using your existing enterprise hardware-based load balancers. To begin, you will need to download and install the OMS Gateway.

How to do it...

You will need to download the OMS Gateway setup file and use the file to install and configure the OMS Gateway. You can also configure high availability for the OMS Gateway using load balancing, if you wish.

Downloading the OMS Gateway setup file

You can download the latest version of the OMS Gateway setup file in one of three ways:

Navigate to the following URI (https://www.microsoft.com/en-us/download/details.aspx?id=54443) to obtain the setup file from the Microsoft Download Center
Obtain the setup file from the OMS Portal:
1. Sign into your OMS workspace
2. Navigate to Settings | Connected Sources | Windows Servers
3. In the resulting blade, click Download OMS Gateway:

Figure 1.5 Downloading OMS Gateway from the OMS portal

You can download the OMS Gateway setup file from the Azure portal
1. Sign in to the Azure portal
2. Select Log Analytics from the list of services
3. Select a workspace
4. Under the General section in your workspace blade, click Quick Start.
5. Under the Choose a data source to Connect to the Workspace, click Computers
6. In the Direct Agent blade, click Download OMS Gateway
7. Save the OMS Gateway.msi file:

Figure 1.6 Downloading OMS Gateway from the Azure portal

Installing the OMS Gateway

Use the following steps to install the OMS Gateway:

Locate the OMS Gateway.msi file downloaded in the previous section
Right-click the file and select Install
Click Run on the security warning prompt, if any appear

Click Next on the Welcome page:

Figure 1.7 OMS Gateway setup

Select I accept the terms in the License Agreement in the End-user License Agreement page and click Next
On the OMS Gateway Configurations page, do the following:
1. Enter the port to be used for the server. The default port is 8080. You can enter any values that range from 1 through to 65535.
2. Optionally, if the OMS Gateway server needs to communicate through a proxy to get to the internet, check the radio box to Use a proxy server and enter the proxy server information. If the proxy requires authentication, check the My proxy requires authentication radio box and enter the username and password information as well.

1. Click Next to proceed:

Figure 1.8 OMS Gateway setup

On the Destination Folder page, leave the default folder settings as C:/Program Files/OMS Gateway, or choose another folder to install the OMS Gateway on, and click Next.
Click Install on the Ready to Install OMS Gateway page and select Yes if you receive a User Account Control (UAC) prompt.
Click Finish after the setup has completed.

Check the list of services or use PowerShell to verify that the OMS Gateway service is installed and running:

Get-Service OMSGatewayService

Figure 1.9 Verifying that the OMS Gateway service is running

How it works...

The OMS Gateway is simply an HTTP forward proxy that makes connections on behalf of clients through HTTP CONNECT tunneling. In this case, the OMS agent computer forwards its TCP connection to the OMS Gateway, which tunnels the TCP connection to the OMS service endpoints. This tunneling mechanism means that the data is sent directly from the OMS Gateway to the OMS endpoints without being analyzed.

The OMS Gateway can be used with both OMS agents that are configured to directly connect to an OMS workspace, and an Operations Manager (SCOM) management group that is integrated with OMS. With directly connected OMS agents, the data is sent to the OMS Gateway, which then transfers the data directly to OMS in the manner previously described. When configured for use with an SCOM management group, the proxy information defined for the management group is distributed automatically to every agent-managed computer that is configured as an OMS-managed computer, even if that setting isn't defined.

Depending on the solution(s) configured in OMS, the agent will then collect the relevant data and either send it to the management server or, in the case of high-volume data, such as performance metrics and security events, directly to the OMS endpoints via the OMS Gateway.

There's more...

You can configure the OMS Gateway for high availability through network load balancing (NLB). This will enable you to use the TCP/IP networking protocol to distribute traffic across two or more OMS Gateway servers. Using an NLB configuration will provide you with some measure of high availability and scalability for your OMS Gateway configuration. You can make use of any existing hardware-based load balancers that you use within your infrastructure, and the OMS Gateways configured as NLB hosts should support common NLB configurations, such as your preferred load-balancing algorithms (least sessions, round robin, fastest, and so on), persistence methods, and so on.

Ensure that your target server listening port adheres to the port configuration used during the installation of the OMS Gateway server(s).

You can also install the OMS agent on the computer configured as the OMS Gateway. This configuration will enable the following:

The OMS Gateway can identify the service endpoints that it needs to communicate with
The OMS agent can monitor and collect event and performance data from the OMS Gateway

Additionally, Operations Manager Gateway servers deployed in untrusted networks cannot communicate with the OMS Gateway. They can only report to an Operations Manager management server, and would therefore be subject to the proxy server settings (if any) configured for the management group to which the SCOM management server belongs.

For directly connected computers to send data to the OMS Gateway, they must have network connectivity to the OMS Gateway, and the agents' proxy configuration should be set to the same port used by the OMS Gateway to communicate with OMS service endpoints.

Using a proxy server to access OMS from SCOM

Perform the following steps:

Open the SCOM console and navigate to the Administration workspace

Navigate to Operations Management Suite, click Connection, and then click Configure Proxy Server:

Figure 1.10 - Configuring proxy server options in SCOM

Select the option to Use a proxy server to access the Operations Management Suite and type either the IP address of the standalone OMS Gateway server or the virtual IP address of the array of load-balanced OMS Gateway servers

Figure 1.11- Configuring the proxy server in SCOM

Ensure that you start with the http:// prefix. Additionally, ensure that you bypass the HTTPS inspection if you need to permit access to OMS service endpoints through your firewalls.

Use PowerShell cmdlets with OMS Gateway

You can make use of PowerShell to review and modify the OMS Gateway configuration settings. The OMS Gateway PowerShell module should get imported in the OMS Gateway server(s) upon installation of the OMS Gateway feature. You can always verify this by importing the module to confirm:

Import-Module OMSGateway

Once you confirm that the OMS Gateway has been imported, you can also verify your OMS Gateway configuration for the listening port, log level, and other settings:

Get-OMSGatewayConfig

Figure 1.12 - Reviewing the OMS Gateway configuration

To make changes to the OMS Gateway configuration using PowerShell, you can make use of the Set-OMSGatewayConfig cmdlet. For instance, to change the port on which the OMS Gateway is listening, you can execute the following command:

 Set-OMSGatewayConfig -Name ListenPort -Value [port]

In the preceding command, [port] is the integer value of your desired port on which the OMS Gateway listens.

At this time, the Set-OMSGatewayConfig cmdlet supports the following configuration names:

ListenPort
LogLevel
IncirporatedOMSSolution
UseIpv6
IncorporatedScomSupport

Chiyo Odika is a author, consultant, strategist and thought leader who is passionate about data-driven management and architecture. Chiyo excels at helping clients think strategically about how to use technology to optimize the service delivery to the business, and to create fundamental business change and value. His current technology focus is cloud computing. He enjoys talking about hybrid cloud flexibility, exploring business technology trends, optimizing cloud infrastructures, and leading solution delivery teams. He has extensive experience in leading full lifecycle technology implementations of cutting-edge business solutions for a wide range of global clients and has championed initiatives from ideation to execution and delivery. His current technology focus is the Microsoft Cloud. He enjoys talking about hybrid cloud flexibility, and optimizing cloud infrastructures with Microsoft Azure, Windows Server, and Microsoft System Center, and about IT Service Management and process optimization.
Read more about Chiyo Odika

Other recommended products

Related to this chapter

Learn Microsoft Azure

Microsoft Azure is a cloud computing platform that helps you build, deploy, and manage applications to overcome your business challenges. This book covers the commonly used Azure services and also explains how you effectively integrate and utilize them.

BookDec 2018354 pages

Microsoft System Center 2016 Orchestrator Cookbook

Microsoft System Center Orchestrator 2016 simplifies the process of automating system administration tasks and provides a complete solution that goes beyond basic automation. In this practical cookbook you will learn how to explore System Center 2016 by creating runbooks to control and automate every feature possible.

BookJul 2017310 pages

Microsoft System Center Data Protection Manager Cookbook

System Center Data Protection Manager (SCDPM) is a robust enterprise backup and recovery system that contributes to your BCDR strategy by facilitating the backup and recovery of enterprise data. This book contains recipes that will help you upgrade to the latest SCDPM release and it covers the advanced features and functionalities.

BookDec 2018424 pages

Learning Microsoft Azure Storage

Microsoft Azure Storage is the bedrock of Microsoft's core storage solution offering in Azure. No matter what solution you are building for the cloud, you'll find a compelling use for Azure Storage. This book will help you get up-to-speed quickly on Microsoft Azure Storage by teaching you how to use the different storage services. You will be able to leverage secure design patterns based on real-world scenarios and develop a strong storage foundation for Azure virtual machines.

BookNov 2017276 pages

Implementing Hybrid Cloud with Azure Arc

Azure Arc helps in simplifying the governance and monitoring of your infrastructure and gives you a single pane view across hybrid architectures deployed over multiple clouds or on-premises. If you are new to multi-cloud or cloud with Edge infrastructure, this book will provide a comprehensive introduction and get you up-to-speed in no time.

BookJul 2021242 pages

Implementing Microsoft Azure Infrastructure Solutions: Exam Guide 70-533

This book focuses on skills and knowledge for provisioning and managing services in Microsoft Azure. This includes implementing infrastructure components such as virtual networks, virtual machines, containers, web and mobile apps, storage, planning and managing Azure AD and configuring Azure AD integration with on-premises Active Directory domains.

BookAug 2018516 pages

Windows Server 2016 Hyper-V Cookbook

This Hyper-V book is designed to help advanced-level administrators benefit fully from the new Windows Server. With over 80 hands-on recipes, the Hyper-V Cookbook gives you tips, tricks and best practices to deploy, maintain and upgrade your virtual machines.

BookJan 2017524 pages

Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond

Microsoft Azure Architect - Exam Guide AZ-303 is a complete guide to mastering topics related to Azure Architect practices. With detailed coverage of concepts and techniques, you’ll gain the knowledge and skills required to take and pass the AZ-303 exam and become a Microsoft Azure Architect expert.

BookDec 2020548 pages

Microsoft Azure Administrator ‚Äì Exam Guide AZ-103

Microsoft Azure Administrator- Exam Guide AZ-103 is a complete guide that will help you master topics related to Azure administrator practices. Using this guide, you will have all the information required to ace the AZ-103 exam and become a Microsoft Azure administrator expert.

BookMay 2019452 pages

Migrating Linux to Microsoft Azure

Migrating Linux to Microsoft Azure is your guide to maximizing the existing investments in Linux and becoming sustainable with efficient migration of existing Linux workloads to Azure.

BookJul 2021210 pages

Architecting Microsoft Azure Solutions - Exam Guide 70-535

This study guide includes all the topics that are still relevant from the previous 70-534 exam, updated with the latest features like Artificial Intelligence, IoT, and architecture styles. This guide will help Azure Architects, Developers or anyone interested in designing and implementing effective Cloud architecture strategies.

BookApr 2018418 pages

Learn Azure Sentinel

Azure Sentinel is an intelligent security service from Azure where Microsoft's main focus on developing sentinel is to integrate and bring together cloud security and artificial intelligence into effect. Here readers will gain enough understanding to make the most of Azure services to secure their environment from modern cybersecurity threats.

BookApr 2020422 pages

Personalised recommendations for you

Based on your interests and search pattern

Engineering Manager's Handbook

Engineering Manager's Handbook is a comprehensive guide for managers to excel in their role, foster customer-centric digital products, learn leadership, team building, and balancing technical work with management. You’ll also explore how to develop trust, authority, and collaboration to drive success and make a lasting impact.

BookSep 2023278 pages

C++ Game Animation Programming

Video game characters have a fascinating history, evolving from simple 2D sprites to high-polygon 3D models. Take a look behind the curtain and learn how to build a 3D renderer, load character models, play animations and blend between them, and create large crowds of animated people with this comprehensive C++ game animation programming guide.

BookDec 2023480 pages

Gamification for Product Excellence

This book helps you to take your product management strategy to the next level by standing out in crowded markets. Along with boosting user adoption rates by creating engaging products that incorporate playful elements, learn gamification theory and how to integrate it into your design, product development, and product management processes.

BookSep 2023350 pages

Supercharging Productivity with Trello

Supercharging Productivity with Trello is the ultimate guide for anyone looking to boost their productivity with digital tools. Whether you're new to Trello or a seasoned professional, this book covers everything from core features to advanced automation, and Power-Ups.

BookAug 2023342 pages

Automate It with Zapier and Generative AI

This comprehensive guide takes you through the concepts of business process automation, showing you how Zapier can facilitate it without having to write code and helping you to boost productivity. You’ll learn how to save time, reduce costs, and make your business recession-proof by using Zapier to automate tasks in your cloud-based business apps.

BookAug 2023706 pages

Scoring to Picture in Logic Pro

In this book, you’ll explore a variety of techniques to synchronize music to picture using Logic Pro. Though this is not a technical manual, it will teach you how to make the best use of Logic Pro and how to wield this technology to maximize your potential when scoring to picture.

BookSep 2023412 pages

Mastering Information Security Compliance Management

This concise book equips you with the knowledge and practices needed to establish and maintain an effective information security management system. The chapters provide insights into ISO/IEC 27001/27002:2022, risk management, ISMS development, incident management, audit processes, and strategies for continuous improvement.

BookAug 2023236 pages1

Implementing Atlassian Confluence

Implementing Atlassian Confluence provides both a high-level overview and an insightful path for remote collaboration with Atlassian Confluence. With this multi-layered yet practical guide, you’ll be able to set up Confluence-based collaboration with minimum external consultancy services to ensure smooth and close coordination between teams.

BookSep 2023406 pages

R Bioinformatics Cookbook

This book takes a unique problem–solution approach to handling complex tasks in the bioinformatics domain using different datasets present in the book. With the help of real-world examples, you’ll learn to put each independent recipe to use to tackle problems in the field of bioinformatics.

BookOct 2023396 pages

Build Your Own Metaverse with Unity

Build Your own Metaverse with Unity is a practical guide for developers to create their own metaverse - a virtual world with infinite possibilities. It empowers you to identify gaps in existing metaverses and improve upon them, enabling you to shape your virtual world.

BookSep 2023586 pages5